1 CEO, CFO & CIO Engagement in Information Technology Management: The Disciplinary Effects of Sarbanes-Oxley Information Technology Material Weaknesses.

Slides:

Advertisements

Similar presentations

CEO, CFO & CIO ENGAGEMENT IN INFORMATION TECHNOLOGY MANAGEMENT: THE DISCIPLINARY EFFECTS OF SARBANES-OXLEY INFORMATION TECHNOLOGY MATERIAL.

Advertisements

The Impact of IT Material Weaknesses on Corporate Governance Discussant Comments Elaine Mauldin Elaine Mauldin University of Missouri.

IT Governance Drivers of Process Maturity Discussant comments Joseph Braithwaite Friday, Oct 21, 2011.

Cross-listing Sun Yubei. Article 1: Corporate governance, agency problems and international cross-listing: a defense of the bonding hypothesis —— G. Andrew.

By Michael Lawrance, CPA August 14,  The views in this presentation do not necessarily reflect that of KPMG LLP or any of its subsidiaries or affiliates.

Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

© Grant Thornton UK LLP. All rights reserved. Review of Sickness Absence Vale of Glamorgan Council Final Report- November 2009.

SOX and IT Audit Programs John R. Robles Thursday, May 31, Tel:

Seminar in Accounting & Society SOX – Section 404 April 23, 2008.

The Impact of Information Technology Material Weaknesses on Corporate Governance: Evidence from Executive and Director Turnover, and IT Governance Changes.

CHAPTER 2 Corporate Governance

18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.

The Camp Audit “Keep your friends close and your auditor closer”

Levels of management Functions of managers Managerial skills Management styles Management.

“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.

Imran Ghaznavi Course Code: MGT557 COMSATS Strategic Human Resource Management.

Internal Auditing and Outsourcing

Fundamentals of Corporate Finance

QAD's Customer Engagement Dan Blake Consultancy Development Director, QAD QAD Explore 2012.

A painless approach to adding SOX to the first (or any) accounting course Kay M. Poston, School of Business, University of Indianapolis Issue The Sarbanes-Oxley.

Importance of Auditing

Prentice Hall, Inc. © STRATEGIC MANAGEMENT & BUSINESS POLICY 11 TH EDITION THOMAS L. WHEELEN J. DAVID HUNGER CHAPTER 2 Corporate Governance.

PwC Internal Control Reports: Facts, Myths and Best Practices FIRMA National Risk Management Training Conference – San Francisco, CA Wednesday March 31,

Vijay V Vijayakumar.  SOX Act  Difference between IT Management and IT Governance  Internal Controls  Frameworks for Implementing SOX  COSO - Committee.

© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.

Auditing services for assurance in evaluation of companies’ information systems (technologies) efficiency Kherson State University Samchynska Yaroslava.

E q Is Your Audit Plan Keeping Pace With Your Business? Duncan Edwards Liam McCaul – Partner, Risk Advisory Services E Q Internal Audit — Adding Value.

v2 Climate Change Disclosure for Canadian Public Companies Barbara Hendrickson Corporate Reporting: Climate Change & Related Environmental Disclosures.

Introduction to Auditing. Introduction The role of audits is critical in the business environment of the early twenty-first century. Important decisions.

Good corporate governance makes good business sense

1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.

IAOD Evaluation Section, the Development Agenda (DA) and Development Oriented Activities Julia Flores Marfetan, Senior Evaluator.

By: 1. Kenneth A. Kim John R. Nofsinger And 2. A. C. Fernando.

IT Control Weaknesses, IT Governance and Firm Performance Discussant Comments Gary Baker, Partner, Deloitte & Touche LLP Saturday, October 13, 2007.

No 1 Possibilities of evaluation of SAI performance efficiency and effectiveness and evaluation criteria Ms Eva Lindblom, SNAO.

Broadening The Audience Actuarial Interaction With Chief Financial Officers 2002 Casualty Loss Reserve Seminar September 23, 2002 Arlington, Virginia.

Auditing IT Vulnerabilities IT vulnerabilities are weaknesses or exposures in IT assets or processes that may lead to a business risk or security risk.

1 Sarbanes-Oxley Overview. 2 Sarbanes-Oxley Act Summary The Sarbanes-Oxley Act of 2002 §201Prohibited Non-Audit Services §202Audit Committee Pre-Approval.

The French Revolution Exam focus: OCR Elizabeth Francis Philip Allan Publishers © 2015.

INTERNAL CONTROL AND CASH Friday, we will meet in room 217 CHAPTER 7.

ECON 308 Week 15 Corporate Governance Chapter 18 1.

Building on Our Core Values Building on Our Core Values The Sarbanes-Oxley Act Public Law (JFZ edited)

Assurance service/engagement

CHAPTER 2 Corporate Governance

The commencement of audit monitoring ICATT’s audit monitoring programme will commence shortly Programme has been established under auspices of ICAC All.

1 Audit Automation for Implementing Continuous Auditing: Principles and Problems October 2, 2009.

Assessment Formats Charlotte Kotopoulous Regis University EDEL_450 Assessment of Learning.

By Abdur Rashid Mirza University of Lahore School of Accountancy and Finance.

November 2015 Common weaknesses in local authorities judged inadequate under the single inspection framework – a summary.

TDRp Implementation Challenges David Vance, Executive Director Peggy Parskey, Assistant Director October 23, 2014.

Case 6.2 Waste Management Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent.

STRATEGIC MANAGEMENT & BUSINESS POLICY 10 TH EDITION THOMAS L. WHEELEN J. DAVID HUNGER Corporate Governance.

Corporate Governance Prentice Hall 2006.

Vienna 14 March 2006 Andrew J. Popham Vice-President of FEE Partner, PricewaterhouseCoopers LLP The New Directive on Statutory Audit in the EU.

Copyright © Cengage Learning. All rights reserved Why Accounting Information Is Important Recent accounting problems for corporations and their auditors.

THE ROLE OF THE AUDITOR- GENERAL RP MOSAKA Business Executive: Parliamentary Services OFFICE OF THE AUDITOR-GENERAL.

S19: Documentation of fieldwork. Session Objectives ♂ In the last session, we have discussed the standards of documentation and the standard files to.

Linkage of Risk, Capital and Financial Management CAS Annual Meeting Aaron Halpert, ACAS, MAAA Leslie R. Marlo, FCAS, MAAA November 12, 2007 INSURANCE.

Page 1 Portfolio Committee on Water and Environmental Affairs 14 July 2009.

TYNE AND WEAR FIRE AND RESCUE SERVICE ‘Creating The Safest Community’ Evaluation in the Fire and Rescue Service Vicki Parnaby.

Auditors’ Dilemma – reporting requirements on Internal Financial Controls under the Companies Act 2013 and Clause 49 of the Listing agreement V. Venkataramanan.

Introduction to Workforce Planning

Internal Audit White Paper

CHAPTER 2 Corporate Governance

ACCOUNTING: The Language of Business

Capital structure, executive compensation, and investment efficiency

David Thompson SVP & CIO, PeopleSoft Inc.

Chapter 1 Importance of Auditing. Define Auditing “A systematic process of objectively obtaining and evaluating evidence regarding assertions about economic.

What Directors Need to Know

Presentation transcript:

1 CEO, CFO & CIO Engagement in Information Technology Management: The Disciplinary Effects of Sarbanes-Oxley Information Technology Material Weaknesses Discussant Report Terry Hung - PricewaterhouseCoopers

2 Author’s Motivation or Justification The author’s justification that companies reporting IT material weaknesses should result in CEO and CFO becoming more involve with IT management should not be the sole reason for them being involved. The study focuses too much on the consequences of reported material weaknesses, rather than looking at demonstrating the value of IT to senior management. The alignment of business strategic goals to the investment in IT should be a better motivation for CEO and CFO involvement.

3 Theoretical Support The results are taken from 2004 and 2005 reports. The results could be outdated. Since the initial introduction of SOX in 2004, reported material weaknesses have been on the decline due to the improve controls implemented. Would the study done on recent reports provide the same conclusions? The author suggests the delegation of responsibility of senior management involvement in IT activities to the CIO introduces agency problems, such as agency costs, which include monitoring and residual losses. Not sure what the alternative solution should be and whether the alternative solution would be more cost effective.

4 Research Method Deployed The author has admitted to limitations in the method deployed: -The SOX standards leads to judgement as to the qualitative nature of a “material weakness” on the part of the reporting firm and their auditors and may be different to another report firm and auditors. -Data examined the initial wave of SOX 404 reports may be markedly different than SOX 404 reports in subsequent periods. -Executive turnover may be driven by voluntary turnover.

5 Analysis of Results The study does not look at the lack of other business mitigating and compensating controls that could have detected an IT material weakness. If business controls cannot detect systemic IT material weaknesses, there is a stronger argument for laying responsibility on the CEO and CFO.

6 Conclusion Agree with the author’s conclusion that the CEO and CFO are accountable for serious IT problems, but it should not be focused only on SOX related control weaknesses.

7 Contribution to Practice Effective IT general control should contribute to an organization’s overall internal control structure. In practice, senior management are more interested in timely and quality IT service delivery that aligns with the company goals. CEOs and CFOs are generally interested in SOX IT material weaknesses as they are certifying on the operating effectiveness of the controls. More interested if it directly impacts their compensation or employment, or if monitored by Audit Committees.

8 Exposition The conclusion makes sense. Practitioners may find the statistics difficult to understand.

9 Terry Hung is a Managing Director with the Advisory Services at PricewaterhouseCoopers LLP. Contact Details: (416) or The views and opinions expressed herein are those of the discussant and do not necessarily represent the views and opinions of PricewaterhouseCoopers LLP.